Noah Misch <> writes:
> DefineIndex() has a check_rights argument that determines whether to perform a
> namespace ACL check.  When ALTER TABLE ALTER TYPE rebuilds an index, it sets
> that flag.  The theory goes that use of DROP INDEX and CREATE INDEX is a mere
> implementation detail of ALTER TABLE ALTER TYPE; the operation is logically 
> like
> an alteration of the existing index.  I think the same treatment should extend
> to the tablespace ACL check, as attached.

Seems generally reasonable.

Is there any likely use-case for providing separate control flags for the
two permission checks?  That would require an API change for DefineIndex,
making this considerably more invasive, so I'm not pushing for it ---
just think it's worth asking the question before proceeding.

                        regards, tom lane

Sent via pgsql-hackers mailing list (
To make changes to your subscription:

Reply via email to